In simpler times, security technology approaches were clearly defined and primarily based on prevention with things like firewalls, anti-virus, web, and email gateways. There were relatively few available technology segments and a relatively clear distinction between buying security technology purchases and outsourcing engagements.
Organizations invested in the few well-known, broadly used security technologies themselves, and if outsourcing the management of these technologies was needed, they could be reasonably confident that all major security outsourcing providers would be able to support their choice of technology.
Gartner declared this was a market truth for both on-premises management of security technologies and remote monitoring/management of the network security perimeter (managed security services).
So, what has changed? A recent survey of over 300 IT professionals by SC Magazine indicates two main factors at play (get the full report here ). The increasing complexity of the threat landscape has spawned more complex and expensive security technologies to combat those threats. This escalation in cost and complexity is then exacerbated by budget constraints and an ultra-tight cybersecurity labor market.
Net result? The “human element” is back into the forefront of security management discussions. The skilled security analyst and subject matter expert for the technology in use have become exponentially more difficult to recruit, hire, and retain. The market agrees: The security gear is only as good as the people you are able to get to manage it.
With the threat landscape of today, the focus is squarely on detection, response, prediction, continuous monitoring and analytics. This means a successful outcome is critically dependent on the “human element.” The choices are to procure security technology and:
- Deploy adequate internal resources to use them effectively, or
- Co-source the staffing who already has experience with the selected technology (for instance, using our Co-managed SIEM)
If co-sourcing is a thought, then selection criteria must consider the expertise of the provider with the selected security technology. Our Co-managed SIEM offering bundles comprehensive technology with expertise in its use.
Technology represents 20% or less of the overall challenges to better security outcomes. The “human element” coupled with mature processes are the rest of the iceberg, hiding beneath the waterline.